Search Results: "Peter Samuelson"

15 October 2006

Julien Danjou: Total recall (2006)

Directed by jd & adn Genre: Action / Adventure / Sci-Fi / Thriller / Horror / Drama / Humor
Runtime: several weeks
Country: A lot
Language: English
Color: Color (Technicolor, QT, GTK and ncurses) Tagline: They stole their project, now they want it back. Plot Outline: In September 2006, a group of developpers from the Debian planet rise against the corruption leading the government.
User Comments: Great action, great suspense, great cultural satire, and a great mind-bender. Awards: Waiting for nomination. Quotes: Cast overview
Anthony Towns (aj), as the Debian Project Leader Denis Barbier (bouz), as The Recaller
Aurelien Jarno (aurel32), as one Seconder Clint Adams (schizo), as one Seconder
MJ Ray (mjr), as one Seconder Pierre Habouzit (madcoder), as one Seconder
Martin Schulze (joey), as one Seconder Marc Dequ nes (duck), as one Seconder

12 August 2006

Martin F. Krafft: The relation between cipher blocks and physical blocks

Many people have responded to my post on encrypted filesystems and power losses; thank you! To clear up the confusion, I decided to write a new entry rather than updating the previous one... I learnt two important things about encrypted block devices, which make me conclude that the addition of encryption does not put your filesystem at jeopardy any more than if it lived directly on the medium. First of all, AES works on blocks of size 128 bits, not 64 bytes, but that's mostly a cosmetic issue with respect to the original blog post. What's more important is that a power loss while writing out a cipher block effectively is the same as a power loss while writing out a physical block to the storage medium: the cipher block is usually smaller than the disk block, and an incompletely written disk block is considered to be invalid. So any incomplete cipher block results in an incomplete disk block, which in turn causes the filesystem to consider the block invalid and try to recover from the journal. What confused me for a long time was the use of chaining block ciphers (see the excellent Wikipedia article for more info). Essentially, block chaining adds security to encryption by making each (cipher) block depend on its predecessor. Great, I thought, so if the first block on disk is corrupted, it'll percolate all the way through the disk and render it all unusable... Well, fortunately, this is not the case... by that logic, a write to the first block would require all remaining blocks on the disk to be recalculated. It is true that cipher blocks are chained, but only within a physical block. This means that a read error on the medium may corrupt a cipher block, which then renders all following cipher blocks contained in the physical block unusable (for they cannot be decrypted anymore). But since the filesystem would already consider the entire block invalid, this does not add to problem. PS: Thanks to Peter Samuelson for (passively) leading me to the light.